lucid_shopify 0.5.3 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d610eaa43c2042955f9e53258ec348d11e41dac18bbe6e1c791df7aef3fc534f
-  data.tar.gz: 19aed6bb09852b20d2f66460bcf0fcf137256ce334af9b03d8719e0f609c6c14
+  metadata.gz: a53c313f841a7f88609457eb4b2c4f1a7651eee3d687097be04f98d75f36f4a0
+  data.tar.gz: e3190ad427bd79f7bd0fe8f7ace431aad5544d9fe162b1098a5885d3a2959efc
 SHA512:
-  metadata.gz: 3b13e09788864e1cd1994da04803827e7796157d2e8e8d14efbfac7a7235e8979f0df8f42a2775427a95a10d33bbf7b6b378e809f45a9da95c1063ad030a76fc
-  data.tar.gz: f5a89554bb759e1a470cf46fc7cfd5a5dca6ef6d1b0f98e3318d634ab604a40594749831de8ce2fdfe0236dcd66802854066b797a25ab283ddf4933114a09977
+  metadata.gz: 36cb4616edbe9d671ff6b34f3ee92d92e5a50bf20d7da05d2bfe783b307b8678d7c36d920174223ebf15739bd76577d001275db4c6f34805d09b8c485bd3aa14
+  data.tar.gz: '04293660bb3c7abb9d4999924fbd311ccbf29de0e9d405338321e5e95bb2257a4861ead6be9c4684e7ca7424a9d46c015a95ae0a3b44354c2a7225bd877ece18'

data/README.md

@@ -14,7 +14,7 @@ Usage
 
 ### Configure the default API client credentials
 
-    LucidShopify.credentials = LucidShopify::Credentials.new(
+    LucidShopify.config = LucidShopify::Config.new(
       '...', # api_key
       '...', # shared_secret
       '...', # scope
@@ -66,28 +66,34 @@ to create a worker around something like this:
 
 Create/delete all configured webhooks (see above):
 
-    webhooks = LucidShopify::Webhooks.new
-
-    webhooks.create_all(request_credentials)
-    webhooks.delete_all(request_credentials)
+    LucidShopify::CreateAllWebhooks.new.(request_credentials)
+    LucidShopify::DeleteAllWebhooks.new.(request_credentials)
 
 Create/delete webhooks manually:
 
     webhook = {topic: 'orders/create', fields: %w(id tags)}
 
-    webhooks.create(request_credentials, webhook)
-    webhooks.delete(request_credentials, webhook_id)
+    LucidShopify::CreateWebhook.new.(request_credentials, webhook)
+    LucidShopify::DeleteWebhook.new.(request_credentials, webhook_id)
 
 
 ### Verification
 
 Verify callback requests with the request params:
 
-    LucidShopify::Verify::Callback.new.(params_hash).success?
+    begin
+      LucidShopify::AssertCallback.new.(params)
+    rescue LucidShopify::Error => e
+      # ...
+    end
 
 Verify webhook requests with the request data and the HMAC header:
 
-    LucidShopify::Verify::Webhook.new.(data, hmac).success?
+    begin
+      LucidShopify::AssertWebhook.new.(data, hmac)
+    rescue LucidShopify::Error => e
+      # ...
+    end
 
 
 ### Authorization

data/lib/lucid_shopify/activate_charge.rb

@@ -1,26 +1,26 @@
 # frozen_string_literal: true
 
-require 'dry-initializer'
-
-require 'lucid_shopify/client'
+require 'lucid_shopify/container'
 
 module LucidShopify
   class ActivateCharge
-    extend Dry::Initializer
-
-    # @return [Client]
-    option :client, default: proc { Client.new }
+    #
+    # @param client [#post_json]
+    #
+    def initialize(client: Container[:client])
+      @client = client
+    end
 
     #
     # Activate a recurring application charge.
     #
     # @param request_credentials [RequestCredentials]
-    # @param charge [Hash, #to_h] an accepted charge received from Shopify via callback
+    # @param charge [#to_h] an accepted charge received from Shopify via callback
     #
     # @return [Hash] the active charge
     #
     def call(request_credentials, charge)
-      data = client.post_json(request_credentials, "recurring_application_charges/#{charge_id}/activate", charge.to_h)
+      data = @client.post_json(request_credentials, "recurring_application_charges/#{charge.to_h['id']}/activate", charge.to_h)
 
       data['recurring_application_charge']
     end

data/lib/lucid_shopify/assert_callback.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+require 'openssl'
+
+require 'lucid_shopify'
+
+module LucidShopify
+  class AssertCallback
+    Error = Class.new(Error)
+
+    #
+    # Assert that the callback request originated from Shopify.
+    #
+    # @param params [Hash] the request params
+    #
+    # @raise [Error] if signature is invalid
+    #
+    def call(params)
+      params = params.to_h
+      digest = OpenSSL::Digest::SHA256.new
+      digest = OpenSSL::HMAC.hexdigest(digest, LucidShopify.config.shared_secret, encoded_params(params))
+
+      raise Error, 'invalid signature' unless digest == params['hmac']
+    end
+
+    #
+    # @param params [Hash]
+    #
+    # @return [String]
+    #
+    private def encoded_params(params)
+      params.reject do |k, _|
+        k == 'hmac'
+      end.map do |k, v|
+        [].tap do |param|
+          param << k.gsub(/./) { |c| encode_key(c) }
+          param << '='
+          param << v.gsub(/./) { |c| encode_val(c) }
+        end.join
+      end.join('&')
+    end
+
+    #
+    # @param chr [String]
+    #
+    # @return [String]
+    #
+    private def encode_key(chr)
+      {'%' => '%25', '&' => '%26', '=' => '%3D'}[chr] || chr
+    end
+
+    #
+    # @param chr [String]
+    #
+    # @return [String]
+    #
+    private def encode_val(chr)
+      {'%' => '%25', '&' => '%26'}[chr] || chr
+    end
+  end
+end

data/lib/lucid_shopify/assert_webhook.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+require 'base64'
+require 'openssl'
+
+require 'lucid_shopify'
+
+module LucidShopify
+  class AssertWebhook
+    Error = Class.new(Error)
+
+    #
+    # Assert that the webhook request originated from Shopify.
+    #
+    # @param data [String] the signed request data
+    # @param hmac [String] the signature
+    #
+    # @return [Result]
+    #
+    def call(data, hmac)
+      digest = OpenSSL::Digest::SHA256.new
+      digest = OpenSSL::HMAC.digest(digest, LucidShopify.config.shared_secret, data)
+      digest = Base64.encode64(digest).strip
+
+      raise Error, 'invalid signature' unless digest == hmac
+    end
+  end
+end

data/lib/lucid_shopify/charge.rb

@@ -1,30 +1,35 @@
 # frozen_string_literal: true
 
-require 'dry-initializer'
-
-require 'lucid_shopify/credentials'
+require 'lucid_shopify'
 
 module LucidShopify
   #
-  # Provides a convenient way to build the charge hash for {CreateCharge}.
+  # Convenient way to build the charge hash for {CreateCharge}.
   #
   class Charge
-    extend Dry::Initializer
+    #
+    # @param plan_name [String]
+    # @param price [Integer]
+    # @param price_cap [Integer] requires price_terms
+    # @param price_terms [String] requires price_cap
+    # @param test [Boolean] is this a test_charge?
+    # @param trial_days [Integer]
+    #
+    def initialize(plan_name,
+                   price,
+                   price_cap: nil,
+                   price_terms: nil,
+                   test: false,
+                   trial_days: 7)
+      @plan_name = plan_name
+      @price = price
+      @price_cap = price_cap
+      @price_terms = price_terms
+      @test = test
+      @trial_days = trial_days
 
-    # @return [String]
-    param :plan_name
-    # @return [Integer]
-    param :price
-    # @return [Integer] requires price_terms
-    option :price_cap, optional: true
-    # @return [String] requires price_cap
-    option :price_terms, optional: true
-    # @return [Boolean] is this a test charge?
-    option :test, default: proc { false }
-    # @return [Integer]
-    option :trial_days, default: proc { 7 }
-    # @return [Credentials]
-    option :credentials, default: proc { LucidShopify.credentials }
+      freeze
+    end
 
     #
     # Map to the Shopify API structure.
@@ -32,14 +37,14 @@ module LucidShopify
     # @return [Hash]
     #
     def to_h
-      {}.tap do |hash|
-        hash[:name] = plan_name
-        hash[:price] = price
-        hash[:capped_amount] = price_cap if usage_based_billing?
-        hash[:terms] = price_terms if usage_based_billing?
-        hash[:return_url] = credentials.billing_callback_uri
-        hash[:test] = test if test
-        hash[:trial_days] = trial_days if trial_days
+      {}.tap do |h|
+        h[:name] = @plan_name
+        h[:price] = @price
+        h[:capped_amount] = @price_cap if usage_based_billing?
+        h[:terms] = @price_terms if usage_based_billing?
+        h[:return_url] = LucidShopify.config.billing_callback_uri
+        h[:test] = @test if @test
+        h[:trial_days] = @trial_days if @trial_days
       end
     end
 
@@ -47,7 +52,7 @@ module LucidShopify
     # @return [Boolean]
     #
     private def usage_based_billing?
-      price_cap && price_terms
+      @price_cap && @price_terms
     end
   end
 end

data/lib/lucid_shopify/client.rb

@@ -1,49 +1,44 @@
 # frozen_string_literal: true
 
-require 'lucid_shopify/send_request'
+require 'lucid_shopify/container'
 
-%w(delete get post put).each do |method|
-  require "lucid_shopify/#{method}_request"
-end
+%w(delete get post put).each { |m| require "lucid_shopify/#{m}_request" }
 
 module LucidShopify
   class Client
     #
-    # @param send_request [SendRequest]
+    # @param send_request [#call]
     #
-    def initialize(send_request: SendRequest.new)
+    def initialize(send_request: Container[:send_request])
       @send_request = send_request
     end
 
-    # @return [SendRequest]
-    attr_reader :send_request
-
     #
-    # @see {DeleteRequest#initialize}
+    # @see DeleteRequest#initialize
     #
     def delete(*args)
-      send_request.(DeleteRequest.new(*args))
+      @send_request.(DeleteRequest.new(*args))
     end
 
     #
-    # @see {GetRequest#initialize}
+    # @see GetRequest#initialize
     #
     def get(*args)
-      send_request.(GetRequest.new(*args))
+      @send_request.(GetRequest.new(*args))
     end
 
     #
-    # @see {PostRequest#initialize}
+    # @see PostRequest#initialize
     #
     def post_json(*args)
-      send_request.(PostRequest.new(*args))
+      @send_request.(PostRequest.new(*args))
     end
 
     #
-    # @see {PutRequest#initialize}
+    # @see PutRequest#initialize
     #
     def put_json(*args)
-      send_request.(PutRequest.new(*args))
+      @send_request.(PutRequest.new(*args))
     end
   end
 end

data/lib/lucid_shopify/config.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+require 'forwardable'
+
+require 'lucid_shopify'
+
+module LucidShopify
+  NotConfiguredError = Class.new(Error)
+
+  class << self
+    extend Forwardable
+
+    # TODO: *Config.dry_initializer.attributes (version 2.0.0+)
+    def_delegators :config, :api_key, :shared_secret, :scope, :billing_callback_uri, :webhook_uri
+
+    # @param config [Config]
+    attr_writer :config
+
+    #
+    # @return [Config]
+    #
+    # @raise [NotConfiguredError] if credentials are unset
+    #
+    def config
+      raise NotConfiguredError unless @config
+
+      @config
+    end
+  end
+
+  class Config
+    extend Dry::Initializer
+
+    # @return [String]
+    param :api_key
+    # @return [String]
+    param :shared_secret
+    # @return [String]
+    param :scope
+    # @return [String]
+    param :billing_callback_uri
+    # @return [String]
+    param :webhook_uri
+  end
+end

data/lib/lucid_shopify/container.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+require 'dry/container'
+
+require 'lucid_shopify'
+
+module LucidShopify
+  Container = Dry::Container.new
+
+  # Services only (dependencies); no value objects, entities.
+  Container.register(:activate_charge) { ActivateCharge.new }
+  Container.register(:assert_callback) { AssertCallback.new }
+  Container.register(:assert_webhook) { AssertWebhook.new }
+  Container.register(:client) { Client.new }
+  Container.register(:create_all_webhooks) { CreateAllWebhooks.new }
+  Container.register(:create_charge) { CreateCharge.new }
+  Container.register(:create_webhook) { CreateWebhook.new }
+  Container.register(:delete_all_webhooks) { DeleteAllWebhooks.new }
+  Container.register(:delete_webhook) { DeleteWebhook.new }
+  Container.register(:fetch_access_token) { FetchAccessToken.new }
+  Container.register(:send_request) { SendRequest.new }
+  Container.register(:send_throttled_request) { SendThrottledRequest.new }
+end

data/lib/lucid_shopify/create_all_webhooks.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require 'lucid_shopify/container'
+
+module LucidShopify
+  class CreateAllWebhooks
+    #
+    # @param create_webhook [#call]
+    #
+    def initialize(create_webhook: Container[:create_webhook])
+      @create_webhook = create_webhook
+    end
+
+    #
+    # Create all webhooks for the shop. Shopify ignores any webhooks which
+    # already exist remotely.
+    #
+    # @param request_credentials [RequestCredentials]
+    #
+    def call(request_credentials)
+      LucidShopify.webhooks.map do |webhook|
+        Thread.new { @create_webhook.(request_credentials, webhook) }
+      end.map(&:value)
+    end
+  end
+
+  class << self
+    #
+    # Webhooks created for each shop.
+    #
+    # @return [Array<Hash>]
+    #
+    # @example
+    #   LucidShopify.webhooks << {topic: 'orders/create', fields: 'id,line_items'}
+    #
+    def webhooks
+      @webhooks ||= []
+    end
+  end
+end

data/lib/lucid_shopify/create_charge.rb

@@ -1,26 +1,26 @@
 # frozen_string_literal: true
 
-require 'dry-initializer'
-
-require 'lucid_shopify/client'
+require 'lucid_shopify/container'
 
 module LucidShopify
   class CreateCharge
-    extend Dry::Initializer
-
-    # @return [Client]
-    option :client, default: proc { Client.new }
+    #
+    # @param client [#post_json]
+    #
+    def initialize(client: Container[:client])
+      @client = client
+    end
 
     #
     # Create a new recurring application charge.
     #
     # @param request_credentials [RequestCredentials]
-    # @param charge [Hash, #to_h]
+    # @param charge [#to_h]
     #
     # @return [Hash] the pending charge
     #
     def call(request_credentials, charge)
-      data = client.post_json(request_credentials, 'recurring_application_charge', charge.to_h)
+      data = @client.post_json(request_credentials, 'recurring_application_charges', charge.to_h)
 
       data['recurring_application_charge']
     end

data/lib/lucid_shopify/create_webhook.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'lucid_shopify/container'
+
+module LucidShopify
+  class CreateWebhook
+    #
+    # @param client [#post_json]
+    #
+    def initialize(client: Container[:client])
+      @client = client
+    end
+
+    #
+    # @param request_credentials [RequestCredentials]
+    # @param webhook [Hash]
+    #
+    def call(request_credentials, webhook)
+      data = {**webhook, address: LucidShopify.config.webhook_uri}
+
+      @client.post_json(request_credentials, 'webhooks', webhook: data)
+    end
+  end
+end

data/lib/lucid_shopify/delegate_webhooks.rb

@@ -22,7 +22,7 @@ module LucidShopify
     # Call each of the handlers registered for the given topic in turn. See
     # {#register} below for more on webhook handlers.
     #
-    # @param webhook [LucidShopify::Webhook]
+    # @param webhook [Webhook]
     #
     def call(webhook)
       handlers[webhook.topic]&.each { |handler| handler.(webhook) }

data/lib/lucid_shopify/delete_all_webhooks.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require 'lucid_shopify/container'
+
+module LucidShopify
+  class DeleteAllWebhooks
+    #
+    # @param client [#get]
+    # @param delete_webhook [#call]
+    #
+    def initialize(client: Container[:client],
+                   delete_webhook: Container[:delete_webhook])
+      @client = client
+      @delete_webhook = delete_webhook
+    end
+
+    #
+    # Delete any existing webhooks.
+    #
+    # @param request_credentials [RequestCredentials]
+    #
+    def call(request_credentials)
+      webhooks = @client.get('webhooks')['webhooks']
+
+      webhooks.map do |webhook|
+        Thread.new { @delete_webhook.(request_credentials, webhook['id']) }
+      end.map(&:value)
+    end
+  end
+end

data/lib/lucid_shopify/delete_request.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-require 'lucid_shopify/request'
+require 'lucid_shopify'
 
 module LucidShopify
   class DeleteRequest < Request
+    #
+    # @private
     #
     # @param credentials [RequestCredentials]
     # @param path [String] the endpoint relative to the base URL

data/lib/lucid_shopify/delete_webhook.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require 'lucid_shopify/container'
+
+module LucidShopify
+  class DeleteWebhook
+    #
+    # @param client [#delete]
+    #
+    def initialize(client: Container[:client])
+      @client = client
+    end
+
+    #
+    # @param request_credentials [RequestCredentials]
+    # @param id [Integer]
+    #
+    def call(request_credentials, id)
+      @client.delete(request_credentials, "webhooks/#{id}")
+    end
+  end
+end

data/lib/lucid_shopify/error.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module LucidShopify
+  #
+  # Subclass this class for all gem exceptions, so that callers may r escue
+  # any subclass with:
+  #
+  #     rescue LucidShopify::Error => e
+  #
+  Error = Class.new(StandardError)
+end

data/lib/lucid_shopify/fetch_access_token.rb

@@ -1,19 +1,17 @@
 # frozen_string_literal: true
 
-require 'dry-initializer'
-
-require 'lucid_shopify/client'
+require 'lucid_shopify/container'
 
 module LucidShopify
   class FetchAccessToken
-    Error = Class.new(StandardError)
-
-    extend Dry::Initializer
+    Error = Class.new(Error)
 
-    # @return [Client]
-    option :client, default: proc { Client.new }
-    # @return [Credentials]
-    option :credentials, default: proc { LucidShopify.credentials }
+    #
+    # @param client [#post_json]
+    #
+    def initialize(client: Container[:client])
+      @client = client
+    end
 
     #
     # Exchange an authorization code for a new Shopify access token.
@@ -26,10 +24,10 @@ module LucidShopify
     # @raise [Error] if the response is invalid
     #
     def call(request_credentials, authorization_code)
-      data = client.post_json(request_credentials, 'oauth/access_token', post_data(authorization_code))
+      data = @client.post_json(request_credentials, 'oauth/access_token', post_data(authorization_code))
 
       raise Error if data['access_token'].nil?
-      raise Error if data['scope'] != credentials.scope
+      raise Error if data['scope'] != LucidShopify.config.scope
 
       data['access_token']
     end
@@ -41,8 +39,8 @@ module LucidShopify
     #
     private def post_data(authorization_code)
       {
-        client_id: credentials.api_key,
-        client_secret: credentials.shared_secret,
+        client_id: LucidShopify.config.api_key,
+        client_secret: LucidShopify.config.shared_secret,
         code: authorization_code,
       }
     end

data/lib/lucid_shopify/get_request.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-require 'lucid_shopify/request'
+require 'lucid_shopify'
 
 module LucidShopify
   class GetRequest < Request
+    #
+    # @private
     #
     # @param credentials [RequestCredentials]
     # @param path [String] the endpoint relative to the base URL

data/lib/lucid_shopify/post_request.rb

@@ -1,9 +1,11 @@
 # frozen_string_literal: true
 
-require 'lucid_shopify/request'
+require 'lucid_shopify'
 
 module LucidShopify
   class PostRequest < Request
+    #
+    # @private
     #
     # @param credentials [RequestCredentials]
     # @param path [String] the endpoint relative to the base URL